Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citadel citadel vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2011-1756
modules/xmpp/serv_xmpp.c in Citadel 7.86 and previous versions does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested ...
Citadel Citadel 7.84
Citadel Citadel 7.81
Citadel Citadel 7.80
Citadel Citadel 7.82
Citadel Citadel 7.50
Citadel Citadel
Citadel Citadel 7.11
Citadel Citadel 7.60
668
VMScore
CVE-2009-0364
Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions prior to 7.39, allows remote malicious users to execute arbitrary code via unspecified vectors.
Citadel Webcit 7.37
Citadel Webcit 7.11
Citadel Webcit
Citadel Webcit 7.02
Citadel Webcit 7.10
Citadel Webcit 7.22
Citadel Webcit 7.12
1000
VMScore
CVE-2004-1192
Format string vulnerability in the lprintf function in Citadel/UX 6.27 and previous versions allows remote malicious users to execute arbitrary code via format string specifiers sent to the server.
Citadel Ux 6.26
Citadel Ux 6.08
Citadel Ux 6.24
Citadel Ux 6.23
Citadel Ux 6.27
Citadel Ux 6.07
1 EDB exploit
515
VMScore
CVE-2004-1705
Buffer overflow in Citadel/UX 6.23 and previous versions allows remote malicious users to cause a denial of service via a long username.
Citadel Ux 5.90
Citadel Ux 6.08
Citadel Ux 5.91
Citadel Ux 6.23
Citadel Ux 6.07
3 EDB exploits
NA
CVE-2023-44272
A cross-site scripting vulnerability exists in Citadel versions before 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user.
Citadel Citadel
755
VMScore
CVE-2008-0394
Buffer overflow in Citadel SMTP server 7.10 and previous versions allows remote malicious users to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE: some of these details were obtained from third party information.
Citadel Smtp
1 EDB exploit
668
VMScore
CVE-2020-27739
A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote malicious users to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 92...
Citadel Webcit
383
VMScore
CVE-2020-27741
Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote malicious users to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabil...
Citadel Webcit
668
VMScore
CVE-2007-3821
Cross-site request forgery (CSRF) vulnerability in Webcit prior to 7.11 allows remote malicious users to modify configurations and perform other actions as arbitrary users via unspecified vectors.
Citadel Webcit
NA
CVE-2022-1293
The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra conditions.
Thalesgroup Citadel
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »